static void icmp_parse(struct xt_option_call *cb) { struct ipt_icmp *icmpinfo = cb->data; xtables_option_parse(cb); parse_icmp(cb->arg, &icmpinfo->type, icmpinfo->code); if (cb->invert) icmpinfo->invflags |= IPT_ICMP_INV; }
static int parse_selector(int *argc_p, char ***argv_p, struct tc_u32_sel *sel) { int argc = *argc_p; char **argv = *argv_p; int res = -1; if (argc <= 0) return -1; if (matches(*argv, "u32") == 0) { NEXT_ARG(); res = parse_u32(&argc, &argv, sel, 0, 0); goto done; } if (matches(*argv, "u16") == 0) { NEXT_ARG(); res = parse_u16(&argc, &argv, sel, 0, 0); goto done; } if (matches(*argv, "u8") == 0) { NEXT_ARG(); res = parse_u8(&argc, &argv, sel, 0, 0); goto done; } if (matches(*argv, "ip") == 0) { NEXT_ARG(); res = parse_ip(&argc, &argv, sel); goto done; } if (matches(*argv, "ip6") == 0) { NEXT_ARG(); res = parse_ip6(&argc, &argv, sel); goto done; } if (matches(*argv, "udp") == 0) { NEXT_ARG(); res = parse_udp(&argc, &argv, sel); goto done; } if (matches(*argv, "tcp") == 0) { NEXT_ARG(); res = parse_tcp(&argc, &argv, sel); goto done; } if (matches(*argv, "icmp") == 0) { NEXT_ARG(); res = parse_icmp(&argc, &argv, sel); goto done; } return -1; done: *argc_p = argc; *argv_p = argv; return res; }
static int parse_selector(int *argc_p, char ***argv_p, struct tc_u32_sel *sel, struct nlmsghdr *n) { int argc = *argc_p; char **argv = *argv_p; int res = -1; if (argc <= 0) return -1; if (matches(*argv, "u32") == 0) { NEXT_ARG(); res = parse_u32(&argc, &argv, sel, 0, 0); } else if (matches(*argv, "u16") == 0) { NEXT_ARG(); res = parse_u16(&argc, &argv, sel, 0, 0); } else if (matches(*argv, "u8") == 0) { NEXT_ARG(); res = parse_u8(&argc, &argv, sel, 0, 0); } else if (matches(*argv, "ip") == 0) { NEXT_ARG(); res = parse_ip(&argc, &argv, sel); } else if (matches(*argv, "ip6") == 0) { NEXT_ARG(); res = parse_ip6(&argc, &argv, sel); } else if (matches(*argv, "udp") == 0) { NEXT_ARG(); res = parse_udp(&argc, &argv, sel); } else if (matches(*argv, "tcp") == 0) { NEXT_ARG(); res = parse_tcp(&argc, &argv, sel); } else if (matches(*argv, "icmp") == 0) { NEXT_ARG(); res = parse_icmp(&argc, &argv, sel); } else if (matches(*argv, "mark") == 0) { NEXT_ARG(); res = parse_mark(&argc, &argv, n); } else if (matches(*argv, "ether") == 0) { NEXT_ARG(); res = parse_ether(&argc, &argv, sel); } else return -1; *argc_p = argc; *argv_p = argv; return res; }
static l4_uint16_t parse_ip(ip_hdr *ip) { char ip1[ipbuf_size]; char ip2[ipbuf_size]; print_ip(ip1, &ip->src_addr); print_ip(ip2, &ip->dest_addr); unsigned char hlen = (ip->ver_hlen & 0x0F) * sizeof(int); #if 0 printf(" [IP] version %d, hlen %d, services %d, plen %d, id %d\n", (ip->ver_hlen & 0xF0) >> 4, (ip->ver_hlen & 0x0F), ip->services, ntohs(ip->plen), ntohs(ip->id)); printf(" flags %x, offset %x, ttl %d, proto %s (%d)\n", (ntohs(ip->flags_frag_offset) & 0x70000000) >> 13, (ntohs(ip->flags_frag_offset) & 0x1FFFFFFF), ip->ttl, ip_proto_str(ip->proto), ip->proto); printf(" csum %x, src %s, dest %s\n", ntohs(ip->checksum), ip1, ip2); #endif switch(ip->proto) { case ip_proto_icmp: if (PA_ICMP) parse_icmp((icmp_hdr*)((char*)ip + hlen)); return ip_proto_icmp; break; case ip_proto_tcp: if (PA_TCP) parse_tcp((tcp_hdr*)((char*)ip + hlen)); return ip_proto_tcp; break; case ip_proto_udp: if (PA_UDP) ; return parse_udp((udp_hdr*)((char*)ip + hlen)); break; default: break; } }
static int icmp_parse(int c, char **argv, int invert, unsigned int *flags, const void *entry, struct xt_entry_match **match) { struct ipt_icmp *icmpinfo = (struct ipt_icmp *)(*match)->data; switch (c) { case '1': if (*flags == 1) xtables_error(PARAMETER_PROBLEM, "icmp match: only use --icmp-type once!"); xtables_check_inverse(optarg, &invert, &optind, 0, argv); parse_icmp(optarg, &icmpinfo->type, icmpinfo->code); if (invert) icmpinfo->invflags |= IPT_ICMP_INV; *flags = 1; break; } return 1; }
void parse_ip(char * packet, int packet_size){ int BUF_SIZE = 9; int pointer = 0; unsigned long int IHL = 0; unsigned long int proto = 0; unsigned long int length = 0; if(strncmp(packet, "4", 1) == 0){ printf("IPv4\n"); } else if(strncmp(packet, "6", 1) == 0){ printf("IPv6\nNOT SUPPORTED\n"); return; } else{ printf("Unknown IP type\n"); return; } pointer += 1; char * buf = (char *) malloc(BUF_SIZE); memset(buf, 0, BUF_SIZE); //IHL strncpy(buf, packet + pointer, 1); printf("IHL: %s (%d * 4 = %dbytes)\n", buf, strtoul(buf, NULL, 16), strtoul(buf, NULL, 16) * 4); IHL = strtoul(buf, NULL, 16); pointer += 1; //DSCP and ECN strncpy(buf, packet + pointer, 2); printf("DSCP & ECN: %s\n", buf); pointer += 2; //Total lenght strncpy(buf, packet + pointer, 4); length = strtoul(buf, NULL, 16); printf("Total length: %s (%dbytes)\n", buf, length); pointer += 4; //Identification strncpy(buf, packet + pointer, 4); printf("Identification: %s (%d)\n", buf, strtoul(buf, NULL, 16)); pointer += 4; //Flags and Frag offset strncpy(buf, packet + pointer, 4); printf("Flags and Frag: %s\n", buf); pointer += 4; memset(buf, 0, BUF_SIZE); //Ugly hack as sizes get smaller again //TTL strncpy(buf, packet + pointer, 2); printf("TTL: %s (%d)\n", buf, strtoul(buf, NULL, 16)); pointer += 2; //Proto strncpy(buf, packet + pointer, 2); proto = strtoul(buf, NULL, 16); printf("Proto: %s (%d)\n", buf, proto); pointer += 2; //Checksum strncpy(buf, packet + pointer, 4); printf("Checksum: %s (%d)\n", buf, strtoul(buf, NULL, 16)); pointer += 4; //Source strncpy(buf, packet + pointer, 8); printf("Source: %s (%s)\n", buf, hex_to_ip(buf)); pointer += 8; //Dest strncpy(buf, packet + pointer, 8); printf("Dest: %s (%s)\n", buf, hex_to_ip(buf)); pointer += 8; if(IHL > 5){ printf("OPTIONS NOT IMPLEMENTED\n"); pointer = IHL * 8; } printf("\n"); free(buf); if(TOTAL_SIZE == 0){ TOTAL_SIZE = length; } SIZE_PTR += pointer / 2; printf("SIZE_PTR: %d\n", SIZE_PTR); if(proto == ICMP){ parse_icmp(packet + pointer, packet_size - pointer); } else if(proto == TCP){ SIZE_PTR += parse_tcp(packet + pointer, packet_size - pointer); } else if(proto == UDP){ SIZE_PTR += parse_udp(packet + pointer, packet_size - pointer); } }